AMD chips exposed to both variants of Spectre security flaw

(Reuters) - Advanced Micro Devices Inc said on Thursday its microprocessors are susceptible to both variants of the Spectre security flaw, days after saying its risk for one of them was “near zero”.

In a subsequent statement Thursday, AMD said there was “no change” to its position on the susceptibility of its chips to Spectre, but shares fell as much as 4.0 percent after the first AMD announcement.

Last week, security researchers disclosed a set of flaws that could let hackers steal sensitive information from nearly every modern computing device containing chips from Intel

Corp, Advanced Micro Devices Inc and ARM

Holdings.

But investors believed AMD’s chips were at less risk than that of key rival Intel.

AMD’s shares have gained nearly 20 percent since the flaws were made public on Jan. 3 as investors speculated that it could wrest market share from Intel, which is most exposed to the flaws because it is vulnerable to all three variants.

AMD shares dropped as much as 4 percent to $11.65 in after-hours trading after the company’s announcement Thursday. By late afternoon they had recovered to $11.80, a drop of 2.9 percent.

AMD on Jan. 3 also said that its chips were vulnerable to one variant of the Spectre bug, but there was “near zero risk” from the second Spectre variant and vulnerability to the second variant “has not been demonstrated on AMD processors to date.”

In Thursday’s statement, however, AMD said the second Spectre variant “is applicable to AMD” processors and that it would issue patches for its Ryzen and EPYC processors starting this week and older chips in the coming weeks.

"While we believe that AMD's processor architectures make it difficult to exploit Variant 2, we continue to work closely with the industry on this threat," Chief Technology Officer Mark Papermaster wrote in a blog post on Thursday wrote. (bit.ly/2mlelIr)